From c6db4b1a172fbc3830e9156353ecea5d0054410d Mon Sep 17 00:00:00 2001
From: sujiba <mail@sujiba.de>
Date: Sun, 5 Jan 2025 01:08:19 +0100
Subject: [PATCH] feat: added new server token

---
 tasks/main.yml             | 8 +++++---
 templates/security.conf.j2 | 1 +
 2 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/tasks/main.yml b/tasks/main.yml
index aff576b..c4e80a6 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -2,7 +2,9 @@
 # tasks file for nginx
 - name: Install nginx
   ansible.builtin.apt:
-    name: nginx
+    name:
+      - nginx
+      - libnginx-mod-http-headers-more-filter
     state: present
   notify: Start and enable nginx
 
@@ -11,7 +13,7 @@
     path: /etc/nginx/sites-enabled/default
     state: absent
 
-- name: Comment ssl_protocols out in nginx.conf, is defined in security.conf
+- name: Comment out ssl_protocols in nginx.conf, it is defined in security.conf
   ansible.builtin.replace:
     path: /etc/nginx/nginx.conf
     regexp: '^(\s*ssl_protocols)'
@@ -23,7 +25,7 @@
     regexp: '^(\s*ssl_protocols)'
     replace: '#\1'
 
-- name: Comment ssl_prefer_server_ciphers out in nginx.conf, is defined in security.conf
+- name: Comment out ssl_prefer_server_ciphers in nginx.conf, it is defined in security.conf
   ansible.builtin.replace:
     path: /etc/nginx/nginx.conf
     regexp: '^(\s*ssl_prefer_server_ciphers)'
diff --git a/templates/security.conf.j2 b/templates/security.conf.j2
index e640967..9f3a38c 100644
--- a/templates/security.conf.j2
+++ b/templates/security.conf.j2
@@ -8,3 +8,4 @@ limit_req_zone $binary_remote_addr zone=conn_limit:10m rate=5r/s;
 
 # extras
 server_tokens off;
+more_set_headers 'Server: UwU';
\ No newline at end of file